Security Analysis for Browser Extensions (Masterseminar)
Description
Browser extensions enhance user experience by adding functionality to web browsers, but they also present significant security risks. With access to sensitive data and system resources, extensions can become vectors for malicious activities, such as data theft, privacy invasion, and unauthorized actions. In recent years, the security of browser extensions has become a growing concern due to their increasing prevalence and capability. This seminar will explore the landscape of security analysis for browser extensions, discussing both static and dynamic analysis techniques to detect vulnerabilities and malicious behavior. It will also examine key challenges such as extension privilege misuse, obfuscation tactics, and scalability in detection methods. Through this, participants will gain insights into emerging solutions and ongoing research efforts aimed at securing browser extensions in a rapidly evolving ecosystem.
We will cover a variety of topics like…
- Malware and Vulnerability Detection
- Privacy and Sensitive Data
- Machine Learning
- Static and Dynamic Analysis
Pre-requisites
- English only
- Interest in program analysis and browser extensions
- Basic knowledge of JavaScript and HTML
- Time: Wednesday 16:00 to 18:00
- Place: Oettingenstr. 67 - C 007
- Attendance at the first session is mandatory! Anyone not present cannot take the seminar.
- During the first session, the participants will choose their paper.
- Give a presentation of his paper.
- Provide feedback for presentations and participate in every week's discussion.
- Write a seminar report at the end of the term.